Configuring radius, Radius overview, Configuring a radius scheme – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

419

Configuring RADIUS

RADIUS overview

The Remote Authentication Dial-In User Service (RADIUS) protocol implements Authentication,

Authorization, and Accounting (AAA). RADIUS uses the client/server model. It can protect networks
against unauthorized access and is often used in network environments where both high security and

remote user access are required. RADIUS defines the packet format and message transfer mechanism,

and uses UDP as the transport layer protocol for encapsulating RADIUS packets. It uses UDP port 1812

for authentication and UDP port 1813 for accounting.
RADIUS was originally designed for dial-in user access. With the addition of new access methods,

RADIUS has been extended to support additional access methods, for example, Ethernet and ADSL.

RADIUS provides access authentication and authorization services, and its accounting function collects

and records network resource usage information.
For more information about AAA and RADIUS, see H3C WA Series WLAN Access Points Security

Configuration Guide.

Configuring a RADIUS scheme

A RADIUS scheme defines a set of parameters that the device uses to exchange information with the
RADIUS servers. There might be authentication servers and accounting servers, or primary servers and

secondary servers. The parameters mainly include the IP addresses of the servers, the shared keys, and

the RADIUS server type. By default, no RADIUS scheme exists.
To configure a RADIUS scheme:

1.

Select Authentication > RADIUS from the navigation tree.

Figure 445 RADIUS scheme list

2.

Click Add.